How to extract a public certificate and private key from .pfx for use in GMS/Analyzer 7.2 and later

03/26/2020 1,122 People found this article helpful 201,120 Views

Download

Print

Share

• LinkedIn
• Twitter
• Facebook
• Email
• Copy URL The link has been copied to clipboard

Description

How to import the custom certificate to GMS/Analyzer 7.2

Resolution

1. Prepare your certificate issued by CA in .pfx format (eg. certificate.pfx) and the password key

2. Install OpenSSL on your system - for the installation file refer to the following url: https://www.openssl.org/source/

3. Take the .pfx file (e.g. certname.pfx) and copy it to a system where you have OpenSSL installed.

   Note: the *.pfx file is in PKCS#12 format and includes both the certificate and the private key.

4. Run the following command to export the certificate: openssl pkcs12 -in certname.pfx -nokeys -out cert.pem output = cert.pem

5. Run the following command to export the private key: openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes output = key.pem

6. Run the following command if you wish to remove the passphrase from the private key: openssl rsa -in key.pem -out server.key

7. Login to the appliance (system) interface of the GMS/Analyzer and under System/Deployment/Settings/SSL Access configuration select Custom button.

8. Under Certificate file browse for the cert.pem file created in the step 4.

9. Under Certificate Key file browse for the key.pem file created in the step 5.

10. Provide the certificate password in the Certificate password field.

11. Click on update button. GMS will reboot and your new custom certificate will be installed.

Related Articles

• Specific syslog IDs are not seen in Analytics reports
• Upgrading to Analytics 2.5.0.4
• How to upgrade firmware for a group of firewalls in NSM

Categories

• Management and Reporting > GMS